From a7cf30f8081f98bdcd3f999a13c619374792f4c6 Mon Sep 17 00:00:00 2001 From: Eric Hu Date: Thu, 9 Dec 2010 16:29:39 -0800 Subject: [PATCH] Minor fixes to pass tests 301 and 306 with a patched axTLS. --- lib/axtls.c | 40 +++++++++++++++++++++++++--------------- tests/runtests.pl | 2 +- 2 files changed, 26 insertions(+), 16 deletions(-) diff --git a/lib/axtls.c b/lib/axtls.c index ff4ff2b15..82a0ddcc6 100644 --- a/lib/axtls.c +++ b/lib/axtls.c @@ -131,7 +131,6 @@ static CURLcode map_error_to_curl(int axtls_err) return CURLE_SSL_CONNECT_ERROR; break; } - return CURLE_SSL_CONNECT_ERROR; /* catch-all for non-easily-mapped errors */ } static Curl_recv axtls_recv; @@ -339,6 +338,8 @@ static ssize_t axtls_send(struct connectdata *conn, must be at least 120 bytes long. */ int rc = ssl_write(conn->ssl[sockindex].ssl, mem, (int)len); + infof(conn->data, " axtls_send\n"); + if(rc < 0 ) { *err = map_error_to_curl(rc); rc = -1; /* generic error code for send failure */ @@ -351,12 +352,14 @@ static ssize_t axtls_send(struct connectdata *conn, void Curl_axtls_close_all(struct SessionHandle *data) { (void)data; + infof(data, " Curl_axtls_close_all\n"); } void Curl_axtls_close(struct connectdata *conn, int sockindex) { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; + infof(conn->data, " Curl_axtls_close\n"); if(connssl->ssl) { /* line from ssluse.c: (void)SSL_shutdown(connssl->ssl); axTLS compat layer does nothing for SSL_shutdown */ @@ -390,6 +393,8 @@ int Curl_axtls_shutdown(struct connectdata *conn, int sockindex) to be at least 120 bytes long. */ ssize_t nread; + infof(conn->data, " Curl_axtls_shutdown\n"); + /* This has only been tested on the proftpd server, and the mod_tls code sends a close notify alert without waiting for a close notify alert in response. Thus we wait for a close notify alert from the server, but @@ -430,25 +435,31 @@ int Curl_axtls_shutdown(struct connectdata *conn, int sockindex) return retval; } -/* - * If the read would block we return -1 and set 'wouldblock' to TRUE. - * Otherwise we return the amount of data read. Other errors should return -1 - * and set 'wouldblock' to FALSE. - */ static ssize_t axtls_recv(struct connectdata *conn, /* connection data */ int num, /* socketindex */ char *buf, /* store read data here */ size_t buffersize, /* max amount to read */ CURLcode *err) { - ssize_t ret = (ssize_t)SSL_read(conn->ssl[num].ssl, buf, - (int)buffersize); + struct ssl_connect_data *connssl = &conn->ssl[num]; + ssize_t ret = 0; - /* axTLS isn't terribly generous about error reporting */ - if(ret < 0) { - failf(conn->data, "axTLS recv error (%d)", (int)ret); - *err = map_error_to_curl(ret); - return -1; + infof(conn->data, " axtls_recv\n"); + + if(connssl){ + ret = (ssize_t)SSL_read(conn->ssl[num].ssl, buf, (int)buffersize); + + /* axTLS isn't terribly generous about error reporting */ + /* With patched axTLS, SSL_CLOSE_NOTIFY=-3. Hard-coding until axTLS + team approves proposed fix. */ + if(ret == -3 ){ + Curl_axtls_close(conn, num); + } + else if(ret < 0) { + failf(conn->data, "axTLS recv error (%d)", (int)ret); + *err = map_error_to_curl(ret); + return -1; + } } *err = CURLE_OK; @@ -456,8 +467,6 @@ static ssize_t axtls_recv(struct connectdata *conn, /* connection data */ } /* - * This function uses SSL_peek to determine connection status. - * * Return codes: * 1 means the connection is still in place * 0 means the connection has been closed @@ -469,6 +478,7 @@ int Curl_axtls_check_cxn(struct connectdata *conn) axTLS compat layer always returns the last argument, so connection is always alive? */ + infof(conn->data, " Curl_axtls_check_cxn\n"); return 1; /* connection still in place */ } diff --git a/tests/runtests.pl b/tests/runtests.pl index 743fb1f62..966eb0dd2 100755 --- a/tests/runtests.pl +++ b/tests/runtests.pl @@ -2559,7 +2559,6 @@ sub singletest { if($curl_debug) { unlink($memdump); } - $cmd = "-1 ".$cmd if(exists $feature{"SSL"} && $has_axtls == 1); # create a (possibly-empty) file before starting the test my @inputfile=getpart("client", "file"); @@ -2619,6 +2618,7 @@ sub singletest { } elsif(!$tool) { # run curl, add --verbose for debug information output + $cmd = "-1 ".$cmd if(exists $feature{"SSL"} && $has_axtls == 1); $cmdargs ="$out --include --verbose --trace-time $cmd"; } else {